question about switchport port security

Dr.X
Level 2

Hi, I am confused about one point.

Now assume I typed:

int f0/0

switchport port-security

switchport port-security maximum 10

=======================

By default the switch will learn the MAC addresses, and if it learns 11 the port will go into error-disabled; this part I understood.

But

what is the difference if I typed:

int f0/0

switchport port-security

switchport port-security maximum 10

switchport port-security mac-address sticky

=======================

I also read that mac-address sticky will learn the MAC dynamically.

So what's the difference between the two methods which I typed?

Does that mean that

mac-address sticky

is enabled by default on the switch?

Regards

16 Replies

Cadet alain:

Pulled directly from Cisco:

When configuring port security violation modes, note the following information:

protect—Drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value.

restrict—Drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value and causes the SecurityViolation counter to increment.

shutdown—Puts the interface into the error-disabled state immediately and sends an SNMP trap notification.

The only thing restrict does over protect mode is that it causes the SecurityViolation counter to increment. It does not send an SNMP trap. That was covered repeatedly in CCNA-Security as well.

Hi,

Also pulled from Cisco: http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_58_se/configuration/guide/swtrafc.html#wp1201386

"restrict—When the number of secure MAC addresses reaches the maximum limit allowed on the port, packets with unknown source addresses are dropped until you remove a sufficient number of secure MAC addresses to drop below the maximum value or increase the number of maximum allowable addresses. In this mode, you are notified that a security violation has occurred. An SNMP trap is sent, a syslog message is logged, and the violation counter increments."

The question is now which Cisco source is right? I don't have a switch near me to test, but I'll do it this week.

Regards.

Alain

Don't forget to rate helpful posts.
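To put the question and the replies side by side in working IOS syntax, here is an added configuration example (not posted by anyone in this thread): the asker's dynamic-learning port with the default violation mode next to a sticky port with restrict, plus the show commands used to check what was learned. The interface names FastEthernet0/1 and 0/2 are assumed placeholders.

```cisco
! Added example, not from the thread. Two port-security variants on
! Catalyst access ports; port-security requires access (or trunk) mode.
!
! Variant A: dynamic learning, violation mode left at its default (shutdown).
! Learned MACs live only in the address table, are lost on reload,
! and the 11th source MAC err-disables the port.
interface FastEthernet0/1
 switchport mode access
 switchport port-security
 switchport port-security maximum 10
 switchport port-security violation shutdown
!
! Variant B: sticky learning with restrict.
! Sticky still learns dynamically, but each learned MAC is written into
! the running-config as "switchport port-security mac-address sticky <mac>",
! so it survives a reload once the config is saved. An 11th address is
! dropped and counted (and, per the 3750 guide quoted above, logged)
! rather than err-disabling the port.
interface FastEthernet0/2
 switchport mode access
 switchport port-security
 switchport port-security maximum 10
 switchport port-security mac-address sticky
 switchport port-security violation restrict
!
! Verification from exec mode:
!   show port-security interface FastEthernet0/2   (mode, counters, status)
!   show port-security address                    (learned secure MACs, type)
!   show running-config interface FastEthernet0/2 (sticky entries appear here)
```

Comparing the Type column of show port-security address (SecureDynamic versus SecureSticky) is the quickest way to see that sticky is not on by default.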
